CVSS: 5.1EPSS: 28%CPEs: 1EXPL: 0CVE-2006-4513
https://notcve.org/view.php?id=CVE-2006-4513
Multiple integer overflows in the WV library in wvWare (formerly mswordview) before 1.2.3, as used by AbiWord, KWord, and possibly other products, allow user-assisted remote attackers to execute arbitrary code via a crafted Microsoft Word (DOC) file that produces (1) large LFO clfolvl values in the wvGetLFO_records function or (2) a large LFO nolfo value in the wvGetFLO_PLF function. Múltiples desbordamientos de entero en la biblioteca WV en wvWare (anteriormente conocido como mswordview) versiones anteriores a 1.2.3, utilizado por AbiWord, KWord, y posiblemente otros productos, permiten a atacantes remotos con la intervención del usuario, ejecutar código de su elección mediante un fichero manipulado Microsoft Word (DOC) que produce 1) valores elevados LFO clfolvl en la función wvGetLFO_records ó (2) un valor elevado LFO nolfo en la función wvGetFLO_PLF. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=433 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=434 http://secunia.com/advisories/22595 http://secunia.com/advisories/22680 http://secunia.com/advisories/22705 http://secunia.com/advisories/23273 http://secunia.com/advisories/23335 http://security.gentoo.org/glsa/glsa-200612-01.xml http://securitytracker.com/id?1017126 http://www.mandriva.com/security/advisories?name=MDKSA-2006:202 http://www •
CVSS: 7.5EPSS: 19%CPEs: 4EXPL: 0CVE-2006-3376
https://notcve.org/view.php?id=CVE-2006-3376
Integer overflow in player.c in libwmf 0.2.8.4, as used in multiple products including (1) wv, (2) abiword, (3) freetype, (4) gimp, (5) libgsf, and (6) imagemagick allows remote attackers to execute arbitrary code via the MaxRecordSize header field in a WMF file. Desbordamiento de entero en el archivo player.c en libwmf 0.2.8.4, utilizado en múltiples productos incluyendo (1) wv, (2) abiword, (3) freetype, (4) gimp, (5) libgsf, y(6) imagemagick, que permite a los atacantes remotos ejecutar arbitrariamente código a través del campo cabecera MaxRecordSize en un archivo WMF. • http://rhn.redhat.com/errata/RHSA-2006-0597.html http://secunia.com/advisories/20921 http://secunia.com/advisories/21064 http://secunia.com/advisories/21261 http://secunia.com/advisories/21419 http://secunia.com/advisories/21459 http://secunia.com/advisories/21473 http://secunia.com/advisories/22311 http://security.gentoo.org/glsa/glsa-200608-17.xml http://securityreason.com/securityalert/1190 http://securitytracker.com/id?1016518 http://www.mandriva.com/security/advisories?na •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2006-2197
https://notcve.org/view.php?id=CVE-2006-2197
Integer overflow in wv2 before 0.2.3 might allow context-dependent attackers to execute arbitrary code via a crafted Microsoft Word document. Desbordamiento de entero en WV2 anterior a v0.2.3 podría permitir a atacantes dependientes de contexto para ejecutar código arbitrario a través de un documento de Microsoft Word. • http://secunia.com/advisories/20665 http://secunia.com/advisories/20688 http://secunia.com/advisories/20689 http://secunia.com/advisories/20826 http://secunia.com/advisories/20844 http://secunia.com/advisories/20899 http://securitytracker.com/id?1016313 http://sourceforge.net/project/shownotes.php?group_id=10501&release_id=424094 http://www.debian.org/security/2006/dsa-1100 http://www.gentoo.org/security/en/glsa/glsa-200606-24.xml http://www.mandriva.com/security/advisories? • CWE-189: Numeric Errors •
CVSS: 10.0EPSS: 9%CPEs: 9EXPL: 1CVE-2004-0645
https://notcve.org/view.php?id=CVE-2004-0645
Buffer overflow in the wvHandleDateTimePicture function in wv library (wvWare) 0.7.4 through 0.7.6 and 1.0.0 allows remote attackers to execute arbitrary code via a document with a long DateTime field. Desbordamiento de búfer en la función wvHandleDateTimePicture en la librería wv (wvWare) 0.7.4 a 0.7.6 y 1.0.0 permite a atacantes remotos ejecutar código de su elección mediante un documento con un campo DateTime largo. • http://cpan.cybercomm.nl/pub/gentoo-portage/app-text/wv/files/wv-1.0.0-fix_overflow.patch http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000863 http://security.gentoo.org/glsa/glsa-200407-11.xml http://www.debian.org/security/2004/dsa-579 http://www.freebsd.org/ports/portaudit/7a5430df-d562-11d8-b479-02e0185c0b53.html http://www.idefense.com/application/poi/display?id=115&type=vulnerabilities http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:077 •